Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT cygwin DOT com Mail-Followup-To: cygwin AT cygwin DOT com Delivered-To: mailing list cygwin AT cygwin DOT com Subject: RE: Cygwin CD question MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Tue, 14 May 2002 09:29:13 +1000 X-MimeOLE: Produced By Microsoft Exchange V6.0.5762.3 content-class: urn:content-classes:message Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: From: "Robert Collins" To: "William Nicholson" , "Harold L Hunt" Cc: Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by delorie.com id g4DNTVR13028 > -----Original Message----- > From: William V. Nicholson [mailto:wvnicholson AT lbl DOT gov] > Sent: Tuesday, May 14, 2002 7:11 AM > To: Harold L Hunt > Cc: cygwin AT cygwin DOT com > Subject: Re: Cygwin CD question > > > > The point is that if you are really paranoid about these > things then someone might slip in a trojan or backdoor while > you are downloading Cygwin. Obviously, if you subsequently > set up an integrity tool then your system together with the > backdoor would check out as okay (possibly until it got > infected with a second backdoor or whatever). I don't really > have those kind of security requirements but I like to do > things right if I can; but I'll just accept that I have to > download it, Thanks, William You can look at the md5sums on the mirror sites and see if they match what you downloaded. You can also compare md5 sums across mirror sites - if they don't match, somebody has twiddled something. Rob -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/